Re: Error checking out large repository -- illegal padding

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2004-07-30 01:35:42 CEST

Andy Helten wrote:

>> Read chapter 6 closely... these are separate methods of using svnserve.
>>
> I did read it, about 4 times. I guess my assumption was that the svn://
> access method did not encrypt the repository _data_ (did not find this
> explicitly described in the book). Am I wrong here? I understand
> authentication is secured by CRAM-MD5, but that doesn't imply the
> subsequent repository transfer is secure. Is it? If not, these access
> methods are hardly equivalent in terms of security.
>

You are correct. A client speaking svn:// to an svnserve daemon is not
speaking over an encrypted link. (The password never travels over the
network in any form... but the main repository data isn't encrypted.)

I never claimed the two methods were equivalent in terms of security.
:-) I was just pointing out that one method requires an ssh system
account, one does not. Encryption is a separate topic.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jul 30 01:35:25 2004

This message: [ Message body ]
Next message: Campbell, Matthew A: "RE: log across copies?"
Previous message: Ben Collins-Sussman: "Re: log across copies?"
Maybe in reply to: Andy Helten: "Error checking out large repository -- illegal padding"
Next in thread: Andy Helten: "Re: Error checking out large repository -- illegal padding"
Reply: Andy Helten: "Re: Error checking out large repository -- illegal padding"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]